Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=caspersoft.lk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 24, 2025
Valid Until
February 22, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CA:FD:53:1A:F5:7F:76:14:AB:0A:D0:97:E0:B0:7D:53:3A:26:5C:A0:B5:45:7F:2D:EF:B4:29:50:0B:79:4F:04
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.derech.co.il
365days.me
pool.ackermanpla.net
www.agenciamidmark.com.br
www.ameicontabilidadeonline.com.br
www.apli.tv
staging-admin.app-faststaff.com
www.arc.gay
showroom.athum.com
atlis.io
avirealestate.com
b-loom.jp
baroqueaccess.com
blog.beancountme.com
staging-experiences.benguelacove.co.za
bpay.bnext.es
bradduns.com
caspersoft.lk
www.charliestudio.app
3hlearning.co.in
quickcode.co.in
www.coperinno.com
craft-itech.co
app.cribsy.ai
tr-tr.cronz.co
beta.app.devalayas.com
www.dreambugsoftware.se
block.e-onlineservice.com
www.eduventurelandgame.com
l-dev.eirinc.jp
elenidis.gr
mobilityplus-test.enbw.com
app.evoked.io
evoque.biz
fairy.world
www.famboos.com
feligresia.net
frinksmovement.com
geoloc.app
schedule.germanlanguage.ph
api.getbreef.com
www.grannyfab.com
campus.grinboss.com
haidong.mx
haniandmatt.com
havabee.com
helixcode.in
sworkhelp.hnst.vn
hogstadiet.se
homovital.de
houndsonthehoof.co.uk
www.inc.solutions
www.inocentro.pt
invidstor.com
techconnect.jackhenry.com
icelandair-sdk-sandbox.joinsherpa.io
www.kalkicapital.com
kitsune.world
lass-uns-leben.de
leydev.com.br
www.linfieldstables.info
bakerush.maxwallner.com
privacy-dev.migolink.com
nfcard.shop
chatbotui.novafutur.com
onthespotapp.net
default.openreads.xyz
outdoapp.pt
stradafiat.pessego.com
profoundmodel.org
my.profylecard.com
sigma.punefasteners.com
app.rapidbotz.com
vm.raven.live
www.reactjs.de
realtime.team
empower.savannahghi.org
www.under-the-shelf.shelbyshipley.dev
clinic.sokuyaku.jp
www.summitto.com
safe.tadatada.com
dev.tatainvite.com
minhnghiaminhtam.tattyhouse.com
tenofakind.com
inventory.texone.app
randomizer.thehopestreet.org
tikti.me
tonydowney.ca
toot.co
sportclubmujer.turnosweb.app
www.uniorbiketools.com
ad.venture-ist.com
www.vext.co.uk
www.floater.wheesy.de
www.zet.wize.pe
link.woo.org
contractor.eu.wow-dev.org
www.10110.dev
referral.xrex.exchange
zecrypt.io
Other domains in certificate